This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I am seeing a number of events under my Admin reports with "set-mailbox" and "new-mailbox" by a user id "******@namprd12.prod.outlook.com. I have read that this is an account SharePoint uses behind the scenes? Is this accurate, or do I have a bigger problem?
Microsoft 365 features that help users manage their subscriptions, account settings, and billing information.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
You might to want to ask your partner how they decided the account is compromised :) FYI, there are over 100 such "backend" applications that most O365 tenants have/use, you can get a list via Get-MsolServicePrincipal or the Azure AD portal.
Thanks, but if that is the case, why can't I find anything online about it and our O365 partner told me an account was compromised??
Hi Jacque,
Feel free to share with the above information when you have time.
Thanks,
Amanda
Hi Jacque,
To better understand the situation, could you please share with the following information?
1. Where and how did you find the reports?
2. Provide with a screenshot of the information. In order to protect your privacy, I have sent you a private message to collect it.
Thanks,
Amanda
It's a Microsoft app, installed server-side. We all have it, dont worry about it.